Notices: This section not yet converted to new layout. Download stats are rolling back out.

This is not the latest version of Win32 OpenSSH (Microsoft Port) available.

Win32 OpenSSH (Microsoft Port)

0.0.4.0

Package test results are passing.

This package was approved as a trusted package on 11/30/2016.

Open SSH tools for Windows.
This is the Microsoft PowerShell Team's recent port.
Works in all CLIs and does not require .NET.
Includes the following tools:
* ssh.exe
* ssh-add.exe
* ssh-agent.exe
* ssh-keygen.exe
* ssh-keyscan.exe
* ssh-keysign.exe
* ssh-pkcs11-helper.exe
* scp.exe
* sftp.exe
* sshd.exe (server)
* sftp-server.exe

This package performs the following operations that you normally have to hack at until you get what you want:
* Install Appropriate Bitness for the version of Windows
* Install to Program Files (malware protection and following advice of dev team)
* Add SSH location to System PATH
* Optionally install sshd windows service (Requires parameter - see below)
* Optionally install sshd server "key based authentication" (Requires parameter - see below)
* Cleanly uninstall all of the above (removing config files and server keys requires special switch - see below)

The package also attempts to keep you out of trouble when configuring the sshd service:
* Will not install sshd server if an different sshd server is already running
* Will not delete server keys on uninstall or reinstall (unless you override with switch below)
* Will not upgrade or uninstall if the service is running and you did not specify /SSHServerFeature (you forget about the service on a machine where you want to upgrade the client tools)
* If you use the server's Key Based Authentication feature, install and uninstall behave differently to account for the integration of this component

This package supports the following parameters:

-params '"/SSHServerFeature"' (Install and Uninstall)
Also install sshd Windows Service - including opening port 22.
If this parameter is not included on an upgrade or uninstall and
the sshd server is installed - an error is generated. You must
use this switch to indicate you have made preparations for the
sshd service to be interrupted or removed.

-params '"/SSHAgentFeature"'
Installs SSH Agent Service even if SSHD Server is not being installed.
Requires admin rights to configure service.
This option is automatically set when /SSHServerFeature is used.

-params '"/SSHServerFeature /SSHServerPort:3834"'
Allows the setup of the SSH server on an alternate port - sometimes done for security or to avoid conflicts with an existing service on port 22.

RETIRED: -params '"/KeyBasedAuthenticationFeature"'
NO LONGER NECESSARY - KeyBasedAuthentiation is always configured
if the /SSHServerFeature switch is used.

-params '"/SSHServerFeature /DeleteServerKeysAfterInstalled"'
Also install sshd Windows Service - including opening port 22 and
it with Key Based Authentication (reboot required before active)
Server keys are deleted after added to the ssh-agent (you will not have an opportunity to copy them)

-params '"/SSHServerFeature /DeleteConfigAndServerKeys"' (Uninstall)
By default an uninstall does not remove config files nor server keys.

-params '"/UseNTRights"'
By default the install uses PowerShell code that works on operating systems that cannot run the 32-bit ntrights.exe (Nano, Server Core w/out WOW64).
If this code does not work for you, you can use this switch to invoke the 32-bit ntrights.exe
Please be aware that 32-bit ntrights.exe will NOT work on Windows Systems that doe not have WOW64 installed - this would mainly
affect Server Core where this feature is optional and not installed by default and Server Nano where 32-bit is not supported.

To install Win32 OpenSSH (Microsoft Port), run the following command from the command line or from PowerShell:

C:\> choco install openssh --version 0.0.4.0

To upgrade Win32 OpenSSH (Microsoft Port), run the following command from the command line or from PowerShell:

C:\> choco upgrade openssh --version 0.0.4.0

Files

Hide
  • tools\7z.dll Show
    md5: 9943B3BCB2CA91CCBEF2D96682CECB79 | sha1: D467F1F7A8407D1650060C8FE3DC6A0CCFF4D409 | sha256: 7F47382791A5264EED7310706E105C1CFA0E727359102F14933D4927BD296640 | sha512: D724BA334CEC2E3D69BBC93FEA635377EDC941962E2FFBE8246C2ADA80D445DEAB7F3BB5A18FCEAE295428C5B47CE42F3CD56F94AB9F170560DDDED167BE2995
  • tools\7z.exe Show
    md5: 506E5B371882A5A62B669F04CE04DBA8 | sha1: 7447EB123655792FEDE586AD049AC737EFFA9E6C | sha256: BB783A594067DB5CB4E43030D9E6928636555A9CE6AA3533532731975094230A | sha512: 7F367D22B95E14AF8BDA3BE1354A4A54EDFDA283700D086878FEA72B349E64B497F2D241AE31E0B2B0C56957D3A39299E51E09B0D67D2C6201AE20033555212E
  • tools\7z.exe.ignore
  • tools\AddAccountToAssignPrimaryToken.ps1 Show
    param($accountToAdd)
    #written by Ingo Karstein, http://blog.karstein-consulting.com
    #  v1.0, 01/03/2014
    
    ## <--- Configure here
    
    if( [string]::IsNullOrEmpty($accountToAdd) ) {
    	Write-Host "no account specified"
    	exit
    }
    
    ## ---> End of Config
    
    $sidstr = $null
    try {
    	$ntprincipal = new-object System.Security.Principal.NTAccount "$accountToAdd"
    	$sid = $ntprincipal.Translate([System.Security.Principal.SecurityIdentifier])
    	$sidstr = $sid.Value.ToString()
    } catch {
    	$sidstr = $null
    }
    
    Write-Host "Account: $($accountToAdd)" -ForegroundColor DarkCyan
    
    if( [string]::IsNullOrEmpty($sidstr) ) {
    	Write-Host "Account not found!" -ForegroundColor Red
    	exit -1
    }
    
    Write-Host "Account SID: $($sidstr)" -ForegroundColor DarkCyan
    
    $tmp = [System.IO.Path]::GetTempFileName()
    
    Write-Host "Export current Local Security Policy" -ForegroundColor DarkCyan
    secedit.exe /export /cfg "$($tmp)"
    
    $c = Get-Content -Path $tmp
    
    $currentSetting = ""
    
    foreach($s in $c) {
    	if( $s -like "SeAssignPrimaryTokenPrivilege*") {
    		$x = $s.split("=",[System.StringSplitOptions]::RemoveEmptyEntries)
    		$currentSetting = $x[1].Trim()
    	}
    }
    
    if( $currentSetting -notlike "*$($sidstr)*" ) {
    	Write-Host "Modify Setting ""Replace a process level token""" -ForegroundColor DarkCyan
    
    	if( [string]::IsNullOrEmpty($currentSetting) ) {
    		$currentSetting = "*$($sidstr)"
    	} else {
    		$currentSetting = "*$($sidstr),$($currentSetting)"
    	}
    
    	Write-Host "$currentSetting"
    
    	$outfile = @"
    [Unicode]
    Unicode=yes
    [Version]
    signature="`$CHICAGO`$"
    Revision=1
    [Privilege Rights]
    SeAssignPrimaryTokenPrivilege = $($currentSetting)
    "@
    
    	$tmp2 = [System.IO.Path]::GetTempFileName()
    
    
    	Write-Host "Import new settings to Local Security Policy" -ForegroundColor DarkCyan
    	$outfile | Set-Content -Path $tmp2 -Encoding Unicode -Force
    
    	#notepad.exe $tmp2
    	Push-Location (Split-Path $tmp2)
    
    	try {
    		secedit.exe /configure /db "secedit.sdb" /cfg "$($tmp2)" /areas USER_RIGHTS
    		#write-host "secedit.exe /configure /db ""secedit.sdb"" /cfg ""$($tmp2)"" /areas USER_RIGHTS "
    	} finally {
    		Pop-Location
    	}
    } else {
    	Write-Host "NO ACTIONS REQUIRED! Account already in ""Replace a process level token""" -ForegroundColor DarkCyan
    }
    
    Write-Host "Done." -ForegroundColor DarkCyan
    
  • tools\AddAccountToLogonAsAService.ps1 Show
    param($accountToAdd)
    #written by Ingo Karstein, http://blog.karstein-consulting.com
    #  v1.0, 01/03/2014
    
    ## <--- Configure here
    
    if( [string]::IsNullOrEmpty($accountToAdd) ) {
    	Write-Host "no account specified"
    	exit
    }
    
    ## ---> End of Config
    
    $sidstr = $null
    try {
    	$ntprincipal = new-object System.Security.Principal.NTAccount "$accountToAdd"
    	$sid = $ntprincipal.Translate([System.Security.Principal.SecurityIdentifier])
    	$sidstr = $sid.Value.ToString()
    } catch {
    	$sidstr = $null
    }
    
    Write-Host "Account: $($accountToAdd)" -ForegroundColor DarkCyan
    
    if( [string]::IsNullOrEmpty($sidstr) ) {
    	Write-Host "Account not found!" -ForegroundColor Red
    	exit -1
    }
    
    Write-Host "Account SID: $($sidstr)" -ForegroundColor DarkCyan
    
    $tmp = [System.IO.Path]::GetTempFileName()
    
    Write-Host "Export current Local Security Policy" -ForegroundColor DarkCyan
    secedit.exe /export /cfg "$($tmp)"
    
    $c = Get-Content -Path $tmp
    
    $currentSetting = ""
    
    foreach($s in $c) {
    	if( $s -like "SeServiceLogonRight*") {
    		$x = $s.split("=",[System.StringSplitOptions]::RemoveEmptyEntries)
    		$currentSetting = $x[1].Trim()
    	}
    }
    
    if( $currentSetting -notlike "*$($sidstr)*" ) {
    	Write-Host "Modify Setting ""Logon as a Service""" -ForegroundColor DarkCyan
    
    	if( [string]::IsNullOrEmpty($currentSetting) ) {
    		$currentSetting = "*$($sidstr)"
    	} else {
    		$currentSetting = "*$($sidstr),$($currentSetting)"
    	}
    
    	Write-Host "$currentSetting"
    
    	$outfile = @"
    [Unicode]
    Unicode=yes
    [Version]
    signature="`$CHICAGO`$"
    Revision=1
    [Privilege Rights]
    SeServiceLogonRight = $($currentSetting)
    "@
    
    	$tmp2 = [System.IO.Path]::GetTempFileName()
    
    
    	Write-Host "Import new settings to Local Security Policy" -ForegroundColor DarkCyan
    	$outfile | Set-Content -Path $tmp2 -Encoding Unicode -Force
    
    	#notepad.exe $tmp2
    	Push-Location (Split-Path $tmp2)
    
    	try {
    		secedit.exe /configure /db "secedit.sdb" /cfg "$($tmp2)" /areas USER_RIGHTS
    		#write-host "secedit.exe /configure /db ""secedit.sdb"" /cfg ""$($tmp2)"" /areas USER_RIGHTS "
    	} finally {
    		Pop-Location
    	}
    } else {
    	Write-Host "NO ACTIONS REQUIRED! Account already in ""Logon as a Service""" -ForegroundColor DarkCyan
    }
    
    Write-Host "Done." -ForegroundColor DarkCyan
    
  • tools\barebonesinstaller.ps1 Show
    <#
    .SYNOPSIS
    Enables installing SSH even when your system does not have WOW64 or Chocolatey.
    .DESCRIPTION
    This script enables installing  SSH even when your system does NOT have:
      [1] Chocolatey installed
      [2] WOW64 installed
      [3] .NET Core (Nano)
    
    The use cases are Server Nano and Server Core without WOW64 installed.
    
    To use barebonesinstaller.ps1, expand the .nupkg that this file is contained in
    and then place the \tools folder on the target system.
    
    To push tools folder to Nano use 'Copy-Item -tosession $sessionvariable tools c:\tools -recurse'
    .PARAMETER SSHServerFeature
    Include SSH Server Feature.
    .PARAMETER SSHServerPort
    The port that SSHD Server should listen on.
    .PARAMETER DeleteServerKeysAfterInstalled
    Delete server private keys after they have been secured
    .PARAMETER DeleteConfigAndServerKeys
    Delete server private keys and configuration upon uninstall.
    .PARAMETER Uninstall
    Uninstall (default is to install)
    .EXAMPLE
    .\barebonesinstaller.ps1 -SSHServerFeature
    .EXAMPLE
    .\barebonesinstaller.ps1 -SSHServerFeature -Uninstall
    #>
    
    Param (
      [Parameter(HelpMessage="Include SSH Server Feature.")]
      [switch]$SSHServerFeature,
      [Parameter(HelpMessage="Delete server private keys after they have been secured.")]
      [string]$SSHServerPort='22',
      [Parameter(HelpMessage="Delete server private keys after they have been secured.")]
      [switch]$DeleteServerKeysAfterInstalled,
      [Parameter(HelpMessage="Uninstall instead of Install (install is the default).")]
      [switch]$DeleteConfigAndServerKeys,
      [Parameter(HelpMessage="Delete server private keys and configuration upon uninstall.")]
      [switch]$Uninstall
      )
    
    Write-Output "Configuring on Port $SSHServerPort"
    
    cd "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
    
    If (!$Uninstall)
    {
      . ".\chocolateyinstall.ps1"
    }
    Else
    {
      . ".\chocolateyuninstall.ps1"
    }
    
  • tools\chocolateyinstall.ps1 Show
    $ErrorActionPreference = 'Stop'; # stop on all errors
    
    $ProductName = (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name 'ProductName').ProductName
    $EditionId = (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name 'EditionID').EditionId
    
    Write-Output "Running on: $ProductName, ($EditionId)"
    
    If ($EditionId -ilike '*Nano*')
    {$RunningOnNano = $True}
    
    If (Test-Path variable:shimgen)
    {$RunningUnderChocolatey = $True}
    Else
    {  Write-Output "Running Without Chocolatey"}
    
    $toolsDir   = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
    $OSBits = ([System.IntPtr]::Size * 8) #Get-ProcessorBits
    
    #On 64-bit, always favor 64-bit Program Files no matter what our execution is now (works back past XP / Server 2003)
    If ($env:ProgramFiles.contains('x86'))
    {
      $PF = $env:ProgramFiles.replace(' (x86)','')
    }
    Else
    {
      $PF = $env:ProgramFiles
    }
    
    $filename = "$toolsdir\OpenSSH-Win$($OSBits).zip"
    #$TargetFolder = "$PF\OpenSSH"
    #$TargetFolderOld = "$PF\OpenSSH-Win$($OSBits)"
    $TargetFolder = "$PF\OpenSSH-Win$($OSBits)"
    $ExtractFolder = "$env:temp\OpenSSHTemp"
    
    $packageArgs = @{
      packageName   = 'openssh'
      unziplocation = "$ExtractFolder"
      fileType      = 'EXE_MSI_OR_MSU' #only one of these: exe, msi, msu
    
      checksum      = 'F82F6AFCCE4A2E2FE01B182AE069EA5EECAD2B22'
      checksumType  = 'SHA1'
      checksum64    = 'A710F655DBA890CA6DA675463388A22EB35D1597'
      checksumType64= 'SHA1'
    }
    
    If ($RunningUnderChocolatey)
    {
      # Default the values before reading params
      $SSHServerFeature = $false
      $KeyBasedAuthenticationFeature = $false
      $DeleteServerKeysAfterInstalled = $false
      $UseNTRights = $false
      $SSHServerPort = '22'
    
      $arguments = @{};
      $packageParameters = $env:chocolateyPackageParameters
    }
    
    $OpeningMessage = @"
    
    ************************************************************************************
    This package can install Win32-OpenSSH on Nano and Server Core and Docker Containers
    See the following for details:
    https://github.com/DarwinJS/ChocoPackages/blob/master/openssh/readme.md
    ************************************************************************************
    
    "@
    
    Write-Output $OpeningMessage
    
    # Now parse the packageParameters using good old regular expression
    if ($packageParameters) {
        $match_pattern = "\/(?<option>([a-zA-Z]+)):(?<value>([`"'])?([a-zA-Z0-9- _\\:\.]+)([`"'])?)|\/(?<option>([a-zA-Z]+))"
        #"
        $option_name = 'option'
        $value_name = 'value'
    
        if ($packageParameters -match $match_pattern ){
            $results = $packageParameters | Select-String $match_pattern -AllMatches
            $results.matches | % {
              $arguments.Add(
                  $_.Groups[$option_name].Value.Trim(),
                  $_.Groups[$value_name].Value.Trim())
          }
        }
        else
        {
          throw "Package Parameters were found but were invalid (REGEX Failure)"
        }
    
        if ($arguments.ContainsKey("SSHAgentFeature")) {
            Write-Host "/SSHAgentFeature was used, including SSH Agent Service."
            $SSHAgentFeature = $true
        }
    
        if ($arguments.ContainsKey("SSHServerFeature")) {
            Write-Host "/SSHServerFeature was used, including SSH Server Feature."
            $SSHServerFeature = $true
        }
    
        if ($arguments.ContainsKey("SSHServerPort")) {
            $SSHServerPort = $arguments.Get_Item("SSHServerPort")
            Write-Host "/SSHServerPort was used, attempting to use SSHD listening port $SSHServerPort."
            If (!$SSHServerFeature)
            {
              Write-Host "You forgot to specify /SSHServerFeature with /SSHServerPort, autofixing for you, enabling /SSHServerFeature"
              $SSHServerFeature = $true
            }
        }
    
        if ($arguments.ContainsKey("UseNTRights")) {
            Write-Host "Using ntrights.exe to set service permissions (will not work, but generate warning if WOW64 is not present on 64-bit machines)"
            $UseNTRights = $true
        }
    
        if ($arguments.ContainsKey("DeleteServerKeysAfterInstalled")) {
            Write-Host "Deleting server private keys after they have been secured."
            $DeleteServerKeysAfterInstalled = $true
        }
    
        if ($arguments.ContainsKey("KeyBasedAuthenticationFeature")) {
            Write-Host "Including LSA DLL Feature."
            $KeyBasedAuthenticationFeature = $true
            If (!$SSHServerFeature)
            {
              Write-Warning "KeyBasedAuthenticationFeature was specified, but is only value when SSHServerFeature is specified, ignoring..."
            }
        }
    
    } else {
        Write-Debug "No Package Parameters Passed in";
    }
    
    Function CheckServicePath ($ServiceEXE,$FolderToCheck)
    {
      #The modern way:
      #Return ([bool]((Get-WmiObject win32_service | ?{$_.Name -ilike "*$ServiceEXE*"} | select -expand PathName) -ilike "*$FolderToCheck*"))
      #The NANO TP5 Compatible Way:
      Return ([bool]((wmic service | ?{$_ -ilike "*$ServiceEXE*"}) -ilike "*$FolderToCheck*"))
    }
    
    
    If ($SSHServerFeature)
    {  #Check if anything is already listening on port $SSHServerPort, which is not a previous version of this software.
      Write-Host "/SSHAgentFeature is also automatically enabled when using /SSHServerFeature."
      $SSHAgentFeature = $true
      $AtLeastOneSSHDPortListenerIsNotUs = $False
      Write-Output "Probing for possible conflicts with SSHD server to be configured on port $SSHServerPort ..."
      . "$toolsdir\Get-NetStat.ps1"
      $procslisteningonRequestedSSHDPort = @(Get-Netstat -GetProcessDetails -FilterOnPort $SSHServerPort)
      If ((checkservicepath 'svchost.exe -k SshBrokerGroup' 'Part of Microsoft SSH Server for Windows') -AND (checkservicepath 'svchost.exe -k SshProxyGroup' 'Part of Microsoft SSH Server for Windows'))
      {
        Write-Warning "  > Detected that Developer Mode SSH is present (Probably due to enabling Windows 10 Developer Mode)"
        $DeveloperModeSSHIsPresent = $True
      }
    
      If ($procslisteningonRequestedSSHDPort.count -ge 1)
      {
        ForEach ($proconRequestedSSHDPort in $procslisteningonRequestedSSHDPort)
        {
          Write-output "  > Checking $($proconRequestedSSHDPort.Localaddressprocesspath) against path $TargetFolder"
          If ("$($proconRequestedSSHDPort.Localaddressprocesspath)" -ilike "*$TargetFolder*")
          {
            Write-Output "  > Found a previous version of Win32-OpenSSH installed by this package on $SSHServerPort."
          }
          Else
          {
            $AtLeastOneSSHDPortListenerIsNotUs = $True
            Write-Warning "  > Found something listening on Port $SSHServerPort that was not installed by this package."
            Write-Warning "      $($proconRequestedSSHDPort.LocalAddressProcessPath) is listening on Port $SSHServerPort"
            $ProcessOccupyingPort = "$($proconRequestedSSHDPort.LocalAddressProcessPath)"
          }
        }
      }
    
      If ($AtLeastOneSSHDPortListenerIsNotUs)
      {
      $errorMessagePort = @"
    "$ProcessOccupyingPort" is listening on port $SSHServerPort and you have not specified a different listening port (list above) using the /SSHServerPort parameter.
    Please either deconfigure or deinstall whatever is running on Port $SSHServerPort and try again OR specify a different port for this SSHD Server using the /SSHServerPort package parameter.
    If you see the message 'Detected that Developer Mode SSH is present' above, you may be able to simply disable the services 'SSHBroker' and 'SSHProxy'
    "@
      Throw $errorMessagePort
      }
    }
    
    #$SSHServiceInstanceExistsAndIsOurs = ([bool]((Get-WmiObject win32_service | ?{$_.Name -ilike 'sshd'} | select -expand PathName) -ilike "*$TargetFolder*"))
    $SSHServiceInstanceExistsAndIsOurs = CheckServicePath 'sshd' "$TargetFolder"
    #$SSHAGENTServiceInstanceExistsAndIsOurs = ([bool]((Get-WmiObject win32_service | ?{$_.Name -ilike 'ssh-agent'} | select -expand PathName) -ilike "*$TargetFolder*"))
    $SSHAGENTServiceInstanceExistsAndIsOurs = CheckServicePath 'ssh-agent' "$TargetFolder"
    
    If ($SSHServerFeature -AND (!$SSHServiceInstanceExistsAndIsOurs) -AND ([bool](Get-Service sshd -ErrorAction SilentlyContinue)))
    {
      $ExistingSSHDInstancePath = split-path -parent (((wmic service | ?{$_ -ilike '*sshd*'}) -ilike "*$TargetFolder*").split('=')[1].trim())
      #(Get-WmiObject win32_service | ?{$_.Name -ilike 'sshd'} | select -expand PathName)
      Throw "You have requested that the SSHD service be installed, but this system appears to have an instance of an SSHD service configured for another folder ($ExistingSSHDInstancePath).  You can remove the package switch /SSHServerFeature to install just the client tools, or you will need to remove that instance of SSHD to use the one that comes with this package."
    }
    
    If ((!$SSHServerFeature) -AND $SSHServiceInstanceExistsAndIsOurs)
    {
      Throw "There is a configured instance of the SSHD service, please specify the /SSHServerFeature to confirm it is OK to shutdown and upgrade the SSHD service at this time."
    }
    
    If ([bool](get-process ssh -erroraction silentlycontinue | where {$_.Path -ilike "*$TargetFolder*"}))
    {
      Throw "It appears you have instances of ssh.exe (client) running from the folder this package installs to, please terminate them and try again."
    }
    
    If ($SSHServiceInstanceExistsAndIsOurs -AND ([bool](Get-Service SSHD -ErrorAction SilentlyContinue | where {$_.Status -ieq 'Running'})))
    {
        #Shutdown and unregister service for upgrade
        stop-service sshd -Force
        Stop-Service SSH-Agent -Force
        Start-Sleep -seconds 3
        If (([bool](Get-Service SSHD | where {$_.Status -ieq 'Running'})))
        {
          Throw "Could not stop the SSHD service, please stop manually and retry this package."
        }
        If ($SSHAGENTServiceInstanceExistsAndIsOurs)
        {
          stop-service ssh-agent -Force
          Start-Sleep -seconds 3
          If (([bool](Get-Service ssh-agent | where {$_.Status -ieq 'Running'})))
          {
            Throw "Could not stop the ssh-agent service, please stop manually and retry this package."
          }
        }
    
    }
    
    If ($SSHServiceInstanceExistsAndIsOurs)
    {
      Write-output "Stopping SSHD Service for upgrade..."
      Stop-Service sshd
      sc.exe delete sshd | out-null
    }
    If ($SSHAGENTServiceInstanceExistsAndIsOurs)
    {
      Write-output "Stopping SSH-Agent Service for upgrade..."
      Stop-Service ssh-agent -erroraction silentlycontinue
      sc.exe delete ssh-agent | out-null
    }
    
    If ($OSBits -eq 64)
    {
      $SourceZipChecksum = $packageargs.checksum64
      $SourceZipChecksumType = $packageargs.checksumType64
    }
    Else
    {
      $SourceZipChecksum = $packageargs.checksum
      $SourceZipChecksumType = $packageargs.checksumType
    }
    
    If ([bool](get-command get-filehash -ea silentlycontinue))
    {
      If ((Get-FileHash $filename -Algorithm $SourceZipChecksumType).Hash -eq $SourceZipChecksum)
      {
        Write-Output "Hashes for internal source match"
      }
      Else
      {
        throw "Checksums for internal source do not match - something is wrong."
      }
    }
    Else
    {
      Write-Output "Source files are internal to the package, checksums are not required nor checked."
    }
    
    If ($RunningUnderChocolatey)
    {
      If (Test-Path $ExtractFolder)
      {
        Remove-Item $ExtractFolder -Recurse -Force
      }
      Get-ChocolateyUnzip "$filename" $ExtractFolder
      Install-ChocolateyPath "$TargetFolder" 'Machine'
    }
    Else
    {
      If (Test-Path "$toolsdir\7z.exe")
      {
        #covers nano
        cd $toolsdir
        .\7z.exe x $filename -o"$ExtractFolder" -aoa
      }
      Else
      {
        Throw "You need a copy of 7z.exe next to this script for this operating system.  You can get a copy at 7-zip.org"
      }
    
      If ($env:Path -inotlike "*$TargetFolder*")
      {
        Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment' -Name 'PATH' -Value "$env:Path;$TargetFolder"
      }
    }
    
    Copy-Item "$ExtractFolder\*" "$PF" -Force -Recurse
    Remove-Item "$ExtractFolder" -Force -Recurse
    
    $SSHLsaVersionChanged = $false
    If (Test-Path "$env:windir\system32\ssh-lsa.dll")
    {
      #Using file size because open ssh files are not currently versioned.  Submitted problem report asking for versioning to be done
      If (((get-item $env:windir\system32\ssh-lsa.dll).length) -ne ((get-item $TargetFolder\ssh-lsa.dll).length))
      {$SSHLsaVersionChanged = $true}
    }
    
    If ($SSHAgentFeature)
    {
      New-Service -Name ssh-agent -BinaryPathName "$TargetFolder\ssh-agent.exe" -Description "SSH Agent" -StartupType Automatic | Out-Null
      cmd.exe /c 'sc.exe sdset ssh-agent D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)(A;;RP;;;AU)'
    
      Start-Service ssh-agent
    
      Start-Sleep -seconds 3
    
      If (!$UseNTRights)
      {
        #The code in this .PS1 has been tested on Nano - the hardest case to date for setting special privileges in script
        . "$toolsdir\AddAccountToLogonAsAService.ps1" -AccountToAdd "NT SERVICE\SSH-Agent"
      }
      Else
      {
        If (($OSBits -eq 64) -and (!(Test-Path "$env:windir\syswow64")))
        {
          Write-Warning "This 64-bit system does not have the WOW64 subsystem installed, please manually grant the right SeLogonAsAService to `"NT SERVICE\SSHD`"."
          Write-Warning "OR try again WITHOUT the /UseNTRights switch."
        }
        Else
        {
          write-output "Using ntrights.exe to grant logon as service."
          Start-Process "$TargetFolder\ntrights.exe" -ArgumentList "-u `"NT SERVICE\SSH-Agent`" +r SeAssignPrimaryTokenPrivilege"
        }
      }
    }
    
    If ($SSHServerFeature)
    {
      Write-Warning "You have specified SSHServerFeature - this machine is being configured as an SSH Server including opening port $SSHServerPort."
    
        Write-Warning "You have specified SSHServerFeature - a new lsa provider will be installed."
        If (Test-Path "$env:windir\sysnative")
        { #We are running in a 32-bit process under 64-bit Windows
          $sys32dir = "$env:windir\sysnative"
        }
        Else
        { #We are on a 32-bit OS, or 64-bit proc on 64-bit OS
          $sys32dir = "$env:windir\system32"
        }
    
        If ($SSHLsaVersionChanged)
        {
          . "$toolsdir\fileinuseutils.ps1"
          $CopyLSAResult = Copy-FileEvenIfLocked "$TargetFolder\ssh-lsa.dll" "$sys32dir\ssh-lsa.dll"
        }
    
        #Don't destroy other values
        $key = get-item 'Registry::HKLM\System\CurrentControlSet\Control\Lsa'
        $values = $key.GetValue("Authentication Packages")
        If (!($Values -contains 'ssh-lsa'))
        {
          Write-Output "Adding ssh-lsa to authentication packages..."
          $values += 'ssh-lsa'
          Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\" "Authentication Packages" $values
        }
        Else
        {
          Write-Output "ssh-lsa already configured in authentication packages..."
        }
    
      If((Test-Path "$TargetFolder\sshd_config") -AND ([bool]((gc "$TargetFolder\sshd_config") -ilike "*#LogLevel INFO*")))
      {
        Write-Warning "Explicitly disabling sshd logging as it currently logs about .5 GB / hour"
        (Get-Content "$TargetFolder\sshd_config") -replace '#LogLevel INFO', 'LogLevel QUIET' | Set-Content "$TargetFolder\sshd_config"
      }
    
      If((Test-Path "$TargetFolder\sshd_config"))
      {
        #(Get-Content "$TargetFolder\sshd_config") -replace '#LogLevel INFO', 'LogLevel QUIET' | Set-Content "$TargetFolder\sshd_config"
        (Get-Content "$TargetFolder\sshd_config") -replace '#LogLevel INFO', 'LogLevel QUIET' | Set-Content "$TargetFolder\sshd_config"
    
         $CurrentPortConfig = ((gc "$TargetFolder\sshd_config") -match "^#*Port\s\d*\s*$")
         If ([bool]($CurrentPortConfig -notmatch "^Port $SSHServerPort"))
         {
           Write-Output "Current port setting in `"$TargetFolder\sshd_config`" is `"$CurrentPortConfig`", setting it to `"Port $SSHServerPort`""
           (Get-Content "$TargetFolder\sshd_config") -replace "^#*Port\s\d*\s*$", "Port $SSHServerPort" | Set-Content "$TargetFolder\sshd_config"
         }
         Else
         {
           Write-Output "Current port setting in `"$TargetFolder\sshd_config`" already matches `"Port $SSHServerPort`", no action necessary."
         }
      }
    
      If (!(Test-Path "$TargetFolder\KeysGenerated.flg"))
      { #Only ever generate a key the first time SSHD server is installed
          Write-Output "Generating sshd keys in `"$TargetFolder`""
          start-process "$TargetFolder\ssh-keygen.exe" -ArgumentList '-A' -WorkingDirectory "$TargetFolder" -nonewwindow -wait
          New-Item "$TargetFolder\KeysGenerated.flg" -type File | out-null
      }
      Else
      {
        Write-Warning "Found existing server ssh keys in $TargetFolder, you must delete them manually to generate new ones."
      }
    
      netsh advfirewall firewall add rule name='SSHD Port OpenSSH (chocolatey package: openssh)' dir=in action=allow protocol=TCP localport=$SSHServerPort
    
      If ($DeleteServerKeysAfterInstalled)
      {
        pushd $TargetFolder
        Foreach ($keyfile in $keylist)
        {
          If (Test-Path $keyfile)
          {
            Remove-Item $keyfile -force
          }
        }
        popd
      }
      Else
      {
        Write-Warning "The following private keys should be removed from the machine: $keylist"
      }
      New-Service -Name sshd -BinaryPathName "$TargetFolder\sshd.exe" -Description "SSH Deamon" -StartupType Automatic -DependsOn ssh-agent | Out-Null
      sc.exe config sshd obj= "NT SERVICE\SSHD"
    
      If (!$UseNTRights)
      {
        #The code in this .PS1 has been tested on Nano - the hardest case to date for setting special privileges in script
        . "$toolsdir\AddAccountToAssignPrimaryToken.ps1" -AccountToAdd "NT SERVICE\SSHD"
        . "$toolsdir\AddAccountToLogonAsAService.ps1" -AccountToAdd "NT SERVICE\SSHD"
      }
      Else
      {
        If (($OSBits -eq 64) -and (!(Test-Path "$env:windir\syswow64")))
        {
          Write-Warning "This 64-bit system does not have the WOW64 subsystem installed, please manually grant the right SeLogonAsAService to `"NT SERVICE\SSHD`"."
          Write-Warning "OR try again WITHOUT the /UseNTRights switch."
        }
        Else
        {
          write-output "Using ntrights.exe to grant logon as service."
          Start-Process "$TargetFolder\ntrights.exe" -ArgumentList "-u `"NT SERVICE\SSHD`" +r SeAssignPrimaryTokenPrivilege"
        }
      }
    }
    
    If (CheckServicePath 'sshd' "$TargetFolder")
    {
      write-output "Starting SSHD..."
      Start-Service SSHD
    }
    If (CheckServicePath 'ssh-agent' "$TargetFolder")
    {
      write-output "Starting SSH-Agent..."
      Start-Service SSH-Agent
    }
    
    $keylist = "ssh_host_dsa_key", "ssh_host_rsa_key", "ssh_host_ecdsa_key", "ssh_host_ed25519_key"
    $fullpathkeylist = "'$TargetFolder\ssh_host_dsa_key'", "'$TargetFolder\ssh_host_rsa_key'", "'$TargetFolder\ssh_host_ecdsa_key'", "'$TargetFolder\ssh_host_ed25519_key'"
    
    
    If ($SSHServerFeature)
    {
      If (!(Test-Path "$TargetFolder\KeysAddedToAgent.flg"))
      {
        Write-Output "Installing Server Keys into SSH-Agent"
    
        schtasks.exe /create /RU "NT AUTHORITY\SYSTEM" /RL HIGHEST /SC ONSTART /TN "ssh-add" /TR "'$TargetFolder\ssh-add.exe'  $fullpathkeylist" /F
    
        schtasks.exe /Run /I /TN "ssh-add"
    
        schtasks.exe /Delete /TN "ssh-add" /F
    
        New-Item "$TargetFolder\KeysAddedToAgent.flg" -type File | out-null
      }
    
      If ($SSHLsaVersionChanged)
      {
        Write-Warning "IMPORTANT: You must reboot so that key based authentication can be fully installed or upgraded for the SSHD Service."
      }
      If ($CopyLSAResult)
      {
        Write-Warning "CRITICAL: ssh-lsa.dll was locked - a reboot required to fully install the new version."
      }
    
    }
    
    Write-Warning "You must start a new prompt, or use the command 'refreshenv' (provided by your chocolatey install) to re-read the environment for the tools to be available in this shell session."
    
  • tools\chocolateyuninstall.ps1 Show
    $ErrorActionPreference = 'Stop'; # stop on all errors
    $ProductName = (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name 'ProductName').ProductName
    $EditionId = (Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name 'EditionID').EditionId
    
    Write-Output "Running on: $ProductName, ($EditionId)"
    
    If ($EditionId -ilike '*Nano*')
    {$RunningOnNano = $True}
    
    If (Test-Path variable:shimgen)
    {$RunningUnderChocolatey = $True}
    Else
    {  Write-Output "Running Without Chocolatey"}
    
    $packageName= 'openssh'
    $toolsDir   = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
    
    $OSBits = ([System.IntPtr]::Size * 8) #Get-ProcessorBits
    
    #On 64-bit, always favor 64-bit Program Files no matter what our execution is now (works back past XP / Server 2003)
    If ($env:ProgramFiles.contains('x86'))
    {
      $PF = $env:ProgramFiles.replace(' (x86)','')
    }
    Else
    {
      $PF = $env:ProgramFiles
    }
    
    #$TargetFolder = "$PF\OpenSSH"
    $TargetFolder = "$PF\OpenSSH-Win$($OSBits)"
    $TargetFolderOld = "$PF\OpenSSH-Win$($OSBits)"
    
    If ($RunningUnderChocolatey)
    {
      # Default the values before reading params
      $SSHServerFeature = $false
      $KeyBasedAuthenticationFeature = $false
      $DeleteConfigAndServerKeys = $false
    
      $arguments = @{};
      $packageParameters = $env:chocolateyPackageParameters
    }
    # Now parse the packageParameters using good old regular expression
    if ($packageParameters) {
        $match_pattern = "\/(?<option>([a-zA-Z]+)):(?<value>([`"'])?([a-zA-Z0-9- _\\:\.]+)([`"'])?)|\/(?<option>([a-zA-Z]+))"
        #"
        $option_name = 'option'
        $value_name = 'value'
    
        if ($packageParameters -match $match_pattern ){
            $results = $packageParameters | Select-String $match_pattern -AllMatches
            $results.matches | % {
              $arguments.Add(
                  $_.Groups[$option_name].Value.Trim(),
                  $_.Groups[$value_name].Value.Trim())
          }
        }
        else
        {
          throw "Package Parameters were found but were invalid (REGEX Failure)"
        }
    
        if ($arguments.ContainsKey("SSHServerFeature")) {
            Write-Host "/SSHServerFeature - Uninstalling SSH Server Feature if Present."
            $SSHServerFeature = $true
        }
    
        if ($arguments.ContainsKey("DeleteConfigAndServerKeys")) {
            Write-Host "/DeleteConfigAndServerKeys - Removing SSH Config and Server Keys."
            $DeleteConfigAndServerKeys = $true
        }
    
    } else {
        Write-Debug "No Package Parameters Passed in";
    }
    
    Function CheckServicePath ($ServiceEXE,$FolderToCheck)
    {
      #The modern way:
      #Return ([bool]((Get-WmiObject win32_service | ?{$_.Name -ilike "*$ServiceEXE*"} | select -expand PathName) -ilike "*$FolderToCheck*"))
      #The NANO TP5 Compatible Way:
      Return ([bool]((wmic service | ?{$_ -ilike "*$ServiceEXE*"}) -ilike "*$FolderToCheck*"))
    }
    
    #$SSHServiceInstanceExistsAndIsOurs = ([bool]((Get-WmiObject win32_service | ?{$_.Name -ilike 'sshd'} | select -expand PathName) -ilike "*$TargetFolder*"))
    $SSHServiceInstanceExistsAndIsOurs = CheckServicePath 'sshd' "$TargetFolder"
    #$SSHAGENTServiceInstanceExistsAndIsOurs = ([bool]((Get-WmiObject win32_service | ?{$_.Name -ilike 'ssh-agent'} | select -expand PathName) -ilike "*$TargetFolder*"))
    $SSHAGENTServiceInstanceExistsAndIsOurs = CheckServicePath 'ssh-agent' "$TargetFolder"
    
    If ($SSHServerFeature -AND (!$SSHServiceInstanceExistsAndIsOurs) -AND (Get-Service sshd -ErrorAction SilentlyContinue))
    {
      $ExistingSSHDInstancePath = (Get-WmiObject win32_service | ?{$_.Name -ilike 'sshd'} | select -expand PathName)
      Throw "You have requested that the SSHD service be uninstalled, but this system appears to have an instance of an SSHD service configured for another folder ($ExistingSSHDInstancePath).  Ignoring /SSHServerFeature"
      $SSHServerFeature = $False
    }
    
    If ((!$SSHServerFeature) -AND $SSHServiceInstanceExistsAndIsOurs)
    {
      Throw "There is a configured instance of the SSHD service, please specify the /SSHServerFeature to confirm it is OK to UNINSTALL the SSHD service at this time."
    }
    
    
    If ([bool](get-process ssh -erroraction silentlycontinue | where {$_.Path -ilike "*$TargetPath*"}))
    {
      Throw "It appears you have instances of ssh.exe (client) running from the folder this package installs to, please terminate them and try again."
    }
    
    If ($SSHServiceInstanceExistsAndIsOurs -AND ([bool](Get-Service SSHD -ErrorAction SilentlyContinue | where {$_.Status -ieq 'Running'})))
    {
        Stop-Service SSHD -Force
        Stop-Service SSH-Agent -Force
        Start-Sleep -seconds 3
        If (([bool](Get-Service SSHD | where {$_.Status -ieq 'Running'})))
        {
          Throw "Could not stop the SSHD service, please stop manually and retry this package."
        }
        Stop-Service ssh-agent -Force
        Start-Sleep -seconds 3
        If (([bool](Get-Service ssh-agent | where {$_.Status -ieq 'Running'})))
        {
          Throw "Could not stop the ssh-agent service, please stop manually and retry this package."
        }
    }
    
    If ((get-item 'Registry::HKLM\System\CurrentControlSet\Control\Lsa').getvalue("authentication packages") -contains '0ssh-lsa.dll')
    {
      $KeyBasedAuthenticationFeatureINSTALLED = $True
    }
    
    #uninstall agent service if it was installed without SSHD
    If ($SSHAGENTServiceInstanceExistsAndIsOurs -AND (!$SSHServiceInstanceExistsAndIsOurs))
    {
      Stop-Service ssh-agent -Force
      sc.exe delete ssh-agent | out-null
    }
    
    If ($SSHServiceInstanceExistsAndIsOurs -AND ($SSHServerFeature))
    {
      Stop-Service sshd -Force
      sc.exe delete sshd  | out-null
      Stop-Service ssh-agent -Force
      sc.exe delete ssh-agent | out-null
    }
    
    If ($KeyBasedAuthenticationFeatureINSTALLED)
    {
      If (Test-Path "$env:windir\sysnative")
      { #We are running in a 32-bit process under 64-bit Windows
        $sys32dir = "$env:windir\sysnative"
      }
      Else
      { #We are on a 32-bit OS, or 64-bit proc on 64-bit OS
        $sys32dir = "$env:windir\system32"
      }
    
      $AuthpkgToRemove = 'ssh-lsa'
      foreach ($authpackage in (get-item 'Registry::HKLM\System\CurrentControlSet\Control\Lsa').getvalue("authentication packages"))
      {
        If ($authpackage)
        {
          If ($authpackage -ine "$AuthpkgToRemove")
          {
            [string[]]$Newauthpackages += "$authpackage"
          }
        }
      }
      Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\" "Authentication Packages" $Newauthpackages
      del "$sys32dir\ssh-lsa.dll" -force
    }
    
    #Don't remove config in case they reinstall.
    If (($SSHServiceInstanceExistsAndIsOurs -AND $DeleteConfigAndServerKeys) -OR (!$SSHServiceInstanceExistsAndIsOurs))
    {
        Write-Warning "Removing all config and server keys as requested by /DeleteConfigAndServerKeys"
        If (Test-Path $TargetFolder) {Remove-Item "$TargetFolder" -Recurse -Force}
        If (Test-Path $TargetFolderOLD) {Remove-Item "$TargetFolderOLD" -Recurse -Force}
    }
    Else
    {
    
      If (Test-Path $TargetFolder) {Get-ChildItem "$TargetFolder\*.*" -include *.exe,*.dll,*.cmd | Remove-Item -Recurse -Force}
      Write-Warning "NOT REMOVED: Config files and any keys in `"$TargetFolder`" were NOT REMOVED - you must remove them manually or use the package uninstall parameter /DeleteConfigAndServerKeys."
    }
    netsh advfirewall firewall delete rule name='SSHD Port OpenSSH (chocolatey package: openssh)'
    
    $PathToRemove = "$TargetFolder"
    #Code has been modified to work with Nano - do not change method of environment variable access
    #foreach ($path in [Environment]::GetEnvironmentVariable("PATH","Machine").split(';'))
    foreach ($path in ((Get-ItemProperty 'Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment').path.split(';')))
    {
      If ($Path)
      {
        If (($path -ine "$PathToRemove") -AND ($path -ine "$PathToRemove\"))
        {
          [string[]]$Newpath += "$path"
        }
      }
    }
    $AssembledNewPath = ($newpath -join(';')).trimend(';')
    
    Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment' -Name 'PATH' -Value "$AssembledNewPath"
    #[Environment]::SetEnvironmentVariable("PATH",$AssembledNewPath,"Machine")
    
  • tools\fileinuseutils.ps1 Show
    Add-Type @'
        using System;
        using System.Text;
        using System.Runtime.InteropServices;
    
        public class LockedFileUtils
        {
          public enum MoveFileFlags
          {
              MOVEFILE_REPLACE_EXISTING           = 0x00000001,
              MOVEFILE_COPY_ALLOWED               = 0x00000002,
              MOVEFILE_DELAY_UNTIL_REBOOT         = 0x00000004,
              MOVEFILE_WRITE_THROUGH              = 0x00000008,
              MOVEFILE_CREATE_HARDLINK            = 0x00000010,
              MOVEFILE_FAIL_IF_NOT_TRACKABLE      = 0x00000020
          }
    
            [DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
            static extern bool MoveFileEx(string lpExistingFileName, string lpNewFileName, MoveFileFlags dwFlags);
    
            public static bool DeleteLockedFile (string sourcefile)
            {
                return MoveFileEx(sourcefile, null, MoveFileFlags.MOVEFILE_DELAY_UNTIL_REBOOT);
            }
            public static bool CopyLockedFile (string sourcefile, string destination)
            {
                return MoveFileEx(sourcefile, destination, MoveFileFlags.MOVEFILE_DELAY_UNTIL_REBOOT);
            }
        }
    '@
    
    Function Remove-FileEvenIfLocked
    {
      param ([parameter(mandatory=$true,ValueFromPipeline)][string]$Path)
      Process
      {
        $path = (Resolve-Path $path -ErrorAction Stop).Path
    
        try
        {
          Remove-Item $path -ErrorAction Stop
        }
        catch [System.IO.IOException]
        {
          If ($_.exception -ilike "*used by another process*")
          {
            Write-host "$path is locked by another process, attempting to setup removal at reboot..."
            $deleteResult = [LockedFileUtils]::DeleteLockedFile($path)
            if ($deleteResult -eq $false)
            {
              throw "Was not able to remove in use file $path `r`n $(New-Object System.ComponentModel.Win32Exception)"
            }
            else
            {
              write-host "(File locked.  Deleting $path at next reboot.  Reboot is required to complete operation.)"
            }
          }
        }
      }
    }
    
    Function Copy-FileEvenIfLocked
    {
      param ([parameter(mandatory=$true,ValueFromPipeline)][string]$Path,
             [parameter(mandatory=$true,ValueFromPipeline)][string]$Destination)
      Process
      {
        $Path = (Resolve-Path $path -ErrorAction Stop).Path
        Write-output "`$path is now $path"
        $Destination = (Resolve-Path $Destination -ErrorAction Stop).Path
        Write-output "`$Destination is now $Destination"
    
        try
        {
          Copy-Item $Path $Destination -ErrorAction Stop
          Return "RebootNotRequired"
        }
        catch [System.IO.IOException]
        {
          If ($_.exception -ilike "*used by another process*")
          {
            Write-host "$path is locked by another process, attempting to setup copy at reboot..."
            $deleteResult = [LockedFileUtils]::CopyLockedFile($path,$Destination)
            if ($deleteResult -eq $false)
            {
              throw "Was not able to copy in use file $path to $destination `r`n $(New-Object System.ComponentModel.Win32Exception)"
            }
            else
            {
              write-host "Destination file is locked.  Copying $path to $Destination at next reboot.  Reboot is required to complete operation.)"
              Return "RebootRequired"
            }
          }
        }
      }
    }
    
    <#
    function Move-LockedFile
    {
        param($path, $destination)
    
        $path = (Resolve-Path $path).Path
        $destination = $executionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($destination)
    
        $MOVEFILE_DELAY_UNTIL_REBOOT = 0x00000004
    
        $memberDefinition = @'
        [DllImport("kernel32.dll", SetLastError=true, CharSet=CharSet.Auto)]
        public static extern bool MoveFileEx(string lpExistingFileName, string lpNewFileName,
           int dwFlags);
    '@
    
        $type = Add-Type -Name MoveFileUtils -MemberDefinition $memberDefinition -PassThru
        $type::MoveFileEx($path, $destination, $MOVEFILE_DELAY_UNTIL_REBOOT)
    }
    #>
    
  • tools\Get-NetStat.ps1 Show
    function Get-NetStat
    {
    <#
    .SYNOPSIS
    	This function will get the output of netstat -n and parse the output
    .DESCRIPTION
    	This function will get the output of netstat -n and parse the output
    .LINK
    	http://www.lazywinadmin.com/2014/08/powershell-parse-this-netstatexe.html
    .NOTES
    	Francois-Xavier Cat
    	www.lazywinadmin.com
    	@LazyWinAdm
    
      2016/09/20 - Modified by DawinJS to:
      - only grab TCP ports so that parsing PID would be reliable (and is sufficient for my purposes)
      - If -GetProcessDetails
        - parse PID
        - use "get-process" to find exe name (netstat -b is not pulling it for my scenario)
        - finds a full process path name in a Nano TP5 compatible way (WMIC)
      - If -ShowProgress - show progress bar - takes a while to grab all exe paths for all processes
      - If -FilterOnPorts - filter results for these ports before grabbing process details
    
    #>
    Param (
      [switch]$ShowProgress,
      [string[]]$FilterOnPorts,
      [switch]$GetProcessDetails
      )
    	PROCESS
    	{
    		# Get the output of netstat
    		$data = netstat -a -n -o -p TCP | select -skip 4
    
    		# Keep only the line with the data (we remove the first lines)
    		#$data = $data[4..$data.count]
    
    		# Each line need to be splitted and get rid of unnecessary spaces
    		foreach ($line in $data)
    		{
          If ($ShowProgress)
          {
            $ItemBeingProcessed++
            $percentdone = [math]::round(($ItemBeingProcessed/$data.count) * 100)
            Write-Progress -Activity "Probing Listening Ports" -Status "$percentdone% Complete:" -PercentComplete $percentdone
          }
    
          $AddInstance = $True
          # Get rid of the first whitespaces, at the beginning of the line
    			$line = $line -replace '^\s+', ''
    
    			# Split each property on whitespaces block
    			$line = $line -split '\s+'
    
          $PortFromNetStat = (($line[1] -split ":")[1]).trim(' ')
    
          If ($FilterOnPorts)
          {
             If  (!($FilterOnPorts -contains $PortFromNetStat))
             {
               $AddInstance = $False
             }
          }
    
          If ($GetProcessDetails -AND $AddInstance)
          {
            If ($line[4].length -ge 1)
            {
            $ProcessInfo = Get-Process -id $($line[4])
            $ProcessEXEPath = $null
    
            If ([string](wmic process where "ProcessId='$($line[4])'" get ExecutablePath /format:list) -match "[A-Z]:\\.*exe")
            {
              #write-output "match: *$($Matches[0])*"
              $ProcessEXEPath = "$($Matches[0])"
            }
       <#
               If (Test-Path variable:matches) {write-host "got a match"}
    
                If ($getresult.GetType().Name -eq 'Boolean')
                {
                  $ProcessEXEPath = ($Matches[0]).trimend(' ')
                }
                ElseIf ($getresult.GetType().Name -eq 'String')
                {
                  $ProcessEXEPath = $getresult.trimend(' ')
                }
                Else
                {
                  $ProcessEXEPath = ''
                }
                #>
            }
          }
          If ($AddInstance)
          {
    			# Define the properties
      			$properties = @{
    	  			Protocol = $line[0].trim(' ')
    		  		LocalAddressIP = ($line[1] -split ":")[0].trim(' ')
    			  	LocalAddressPort = $PortFromNetStat
              LocalAddressPID = ($line[4]).trim(' ')
              LocalAddressProcessName = $ProcessInfo.Name
              LocalAddressProcessPath = $ProcessEXEPath
    		  		ForeignAddressIP = ($line[2] -split ":")[0].trim(' ')
    			  	ForeignAddressPort = ($line[2] -split ":")[1].trim(' ')
    				  State = $line[3]
    			  }
    
    			  # Output the current line
    			  New-Object -TypeName PSObject -Property $properties
          }
    		}
    	}
    }
    
  • tools\LICENSE.txt Show
    Copy of: https://raw.githubusercontent.com/PowerShell/Win32-OpenSSH/L1-Prod/LICENCE
    
    This file is part of the OpenSSH software.
    
    The licences which components of this software fall under are as
    follows.  First, we will summarize and say that all components
    are under a BSD licence, or a licence more free than that.
    
    OpenSSH contains no GPL code.
    
    1)
         * Copyright (c) 1995 Tatu Ylonen <[email protected]>, Espoo, Finland
         *                    All rights reserved
         *
         * As far as I am concerned, the code I have written for this software
         * can be used freely for any purpose.  Any derived versions of this
         * software must be clearly marked as such, and if the derived work is
         * incompatible with the protocol description in the RFC file, it must be
         * called by a name other than "ssh" or "Secure Shell".
    
        [Tatu continues]
         *  However, I am not implying to give any licenses to any patents or
         * copyrights held by third parties, and the software includes parts that
         * are not under my direct control.  As far as I know, all included
         * source code is used in accordance with the relevant license agreements
         * and can be used freely for any purpose (the GNU license being the most
         * restrictive); see below for details.
    
        [However, none of that term is relevant at this point in time.  All of
        these restrictively licenced software components which he talks about
        have been removed from OpenSSH, i.e.,
    
         - RSA is no longer included, found in the OpenSSL library
         - IDEA is no longer included, its use is deprecated
         - DES is now external, in the OpenSSL library
         - GMP is no longer used, and instead we call BN code from OpenSSL
         - Zlib is now external, in a library
         - The make-ssh-known-hosts script is no longer included
         - TSS has been removed
         - MD5 is now external, in the OpenSSL library
         - RC4 support has been replaced with ARC4 support from OpenSSL
         - Blowfish is now external, in the OpenSSL library
    
        [The licence continues]
    
        Note that any information and cryptographic algorithms used in this
        software are publicly available on the Internet and at any major
        bookstore, scientific library, and patent office worldwide.  More
        information can be found e.g. at "http://www.cs.hut.fi/crypto".
    
        The legal status of this program is some combination of all these
        permissions and restrictions.  Use only at your own responsibility.
        You will be responsible for any legal consequences yourself; I am not
        making any claims whether possessing or using this is legal or not in
        your country, and I am not taking any responsibility on your behalf.
    
    
    			    NO WARRANTY
    
        BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
        FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
        OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
        PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
        OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
        MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
        TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
        PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
        REPAIR OR CORRECTION.
    
        IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
        WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
        REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
        INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
        OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
        TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
        YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
        PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
        POSSIBILITY OF SUCH DAMAGES.
    
    2)
        The 32-bit CRC compensation attack detector in deattack.c was
        contributed by CORE SDI S.A. under a BSD-style license.
    
         * Cryptographic attack detector for ssh - source code
         *
         * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina.
         *
         * All rights reserved. Redistribution and use in source and binary
         * forms, with or without modification, are permitted provided that
         * this copyright notice is retained.
         *
         * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
         * WARRANTIES ARE DISCLAIMED. IN NO EVENT SHALL CORE SDI S.A. BE
         * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR
         * CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF THIS
         * SOFTWARE.
         *
         * Ariel Futoransky <[email protected]>
         * <http://www.core-sdi.com>
    
    3)
        ssh-keyscan was contributed by David Mazieres under a BSD-style
        license.
    
         * Copyright 1995, 1996 by David Mazieres <[email protected]>.
         *
         * Modification and redistribution in source and binary forms is
         * permitted provided that due credit is given to the author and the
         * OpenBSD project by leaving this copyright notice intact.
    
    4)
        The Rijndael implementation by Vincent Rijmen, Antoon Bosselaers
        and Paulo Barreto is in the public domain and distributed
        with the following license:
    
         * @version 3.0 (December 2000)
         *
         * Optimised ANSI C code for the Rijndael cipher (now AES)
         *
         * @author Vincent Rijmen <[email protected]>
         * @author Antoon Bosselaers <[email protected]>
         * @author Paulo Barreto <[email protected]>
         *
         * This code is hereby placed in the public domain.
         *
         * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
         * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
         * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
         * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
         * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
         * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
         * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
         * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
         * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
         * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
         * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    
    5)
        One component of the ssh source code is under a 3-clause BSD license,
        held by the University of California, since we pulled these parts from
        original Berkeley code.
    
         * Copyright (c) 1983, 1990, 1992, 1993, 1995
         *      The Regents of the University of California.  All rights reserved.
         *
         * Redistribution and use in source and binary forms, with or without
         * modification, are permitted provided that the following conditions
         * are met:
         * 1. Redistributions of source code must retain the above copyright
         *    notice, this list of conditions and the following disclaimer.
         * 2. Redistributions in binary form must reproduce the above copyright
         *    notice, this list of conditions and the following disclaimer in the
         *    documentation and/or other materials provided with the distribution.
         * 3. Neither the name of the University nor the names of its contributors
         *    may be used to endorse or promote products derived from this software
         *    without specific prior written permission.
         *
         * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
         * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
         * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
         * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
         * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
         * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
         * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
         * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
         * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
         * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
         * SUCH DAMAGE.
    
    6)
        Remaining components of the software are provided under a standard
        2-term BSD licence with the following names as copyright holders:
    
    	Markus Friedl
    	Theo de Raadt
    	Niels Provos
    	Dug Song
    	Aaron Campbell
    	Damien Miller
    	Kevin Steves
    	Daniel Kouril
    	Wesley Griffin
    	Per Allansson
    	Nils Nordman
    	Simon Wilkinson
    
        Portable OpenSSH additionally includes code from the following copyright
        holders, also under the 2-term BSD license:
    
    	Ben Lindstrom
    	Tim Rice
    	Andre Lucas
    	Chris Adams
    	Corinna Vinschen
    	Cray Inc.
    	Denis Parker
    	Gert Doering
    	Jakob Schlyter
    	Jason Downs
    	Juha Yrj�l�
    	Michael Stone
    	Networks Associates Technology, Inc.
    	Solar Designer
    	Todd C. Miller
    	Wayne Schroeder
    	William Jones
    	Darren Tucker
    	Sun Microsystems
    	The SCO Group
    	Daniel Walsh
    	Red Hat, Inc
    	Simon Vallet / Genoscope
    
         * Redistribution and use in source and binary forms, with or without
         * modification, are permitted provided that the following conditions
         * are met:
         * 1. Redistributions of source code must retain the above copyright
         *    notice, this list of conditions and the following disclaimer.
         * 2. Redistributions in binary form must reproduce the above copyright
         *    notice, this list of conditions and the following disclaimer in the
         *    documentation and/or other materials provided with the distribution.
         *
         * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
         * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
         * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
         * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
         * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
         * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
         * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
         * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
         * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
         * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    
    8) Portable OpenSSH contains the following additional licenses:
    
        a) md5crypt.c, md5crypt.h
    
    	 * "THE BEER-WARE LICENSE" (Revision 42):
    	 * <[email protected]> wrote this file.  As long as you retain this
    	 * notice you can do whatever you want with this stuff. If we meet
    	 * some day, and you think this stuff is worth it, you can buy me a
    	 * beer in return.   Poul-Henning Kamp
    
        b) snprintf replacement
    
    	* Copyright Patrick Powell 1995
    	* This code is based on code written by Patrick Powell
    	* ([email protected]) It may be used for any purpose as long as this
    	* notice remains intact on all source code distributions
    
        c) Compatibility code (openbsd-compat)
    
           Apart from the previously mentioned licenses, various pieces of code
           in the openbsd-compat/ subdirectory are licensed as follows:
    
           Some code is licensed under a 3-term BSD license, to the following
           copyright holders:
    
    	Todd C. Miller
    	Theo de Raadt
    	Damien Miller
    	Eric P. Allman
    	The Regents of the University of California
    	Constantin S. Svintsoff
    
    	* Redistribution and use in source and binary forms, with or without
    	* modification, are permitted provided that the following conditions
    	* are met:
    	* 1. Redistributions of source code must retain the above copyright
    	*    notice, this list of conditions and the following disclaimer.
    	* 2. Redistributions in binary form must reproduce the above copyright
    	*    notice, this list of conditions and the following disclaimer in the
    	*    documentation and/or other materials provided with the distribution.
    	* 3. Neither the name of the University nor the names of its contributors
    	*    may be used to endorse or promote products derived from this software
    	*    without specific prior written permission.
    	*
    	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
    	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    	* ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
    	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
    	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
    	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
    	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
    	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
    	* SUCH DAMAGE.
    
           Some code is licensed under an ISC-style license, to the following
           copyright holders:
    
    	Internet Software Consortium.
    	Todd C. Miller
    	Reyk Floeter
    	Chad Mynhier
    
    	* Permission to use, copy, modify, and distribute this software for any
    	* purpose with or without fee is hereby granted, provided that the above
    	* copyright notice and this permission notice appear in all copies.
    	*
    	* THE SOFTWARE IS PROVIDED "AS IS" AND TODD C. MILLER DISCLAIMS ALL
    	* WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
    	* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL TODD C. MILLER BE LIABLE
    	* FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
    	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
    	* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
    	* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
    
           Some code is licensed under a MIT-style license to the following
           copyright holders:
    
    	Free Software Foundation, Inc.
    
    	* Permission is hereby granted, free of charge, to any person obtaining a  *
    	* copy of this software and associated documentation files (the            *
    	* "Software"), to deal in the Software without restriction, including      *
    	* without limitation the rights to use, copy, modify, merge, publish,      *
    	* distribute, distribute with modifications, sublicense, and/or sell       *
    	* copies of the Software, and to permit persons to whom the Software is    *
    	* furnished to do so, subject to the following conditions:                 *
    	*                                                                          *
    	* The above copyright notice and this permission notice shall be included  *
    	* in all copies or substantial portions of the Software.                   *
    	*                                                                          *
    	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS  *
    	* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF               *
    	* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.   *
    	* IN NO EVENT SHALL THE ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,   *
    	* DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR    *
    	* OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR    *
    	* THE USE OR OTHER DEALINGS IN THE SOFTWARE.                               *
    	*                                                                          *
    	* Except as contained in this notice, the name(s) of the above copyright   *
    	* holders shall not be used in advertising or otherwise to promote the     *
    	* sale, use or other dealings in this Software without prior written       *
    	* authorization.                                                           *
    	****************************************************************************/
    
    
    ------
    $OpenBSD: LICENCE,v 1.19 2004/08/30 09:18:08 markus Exp $
    
  • tools\ntrights.exe Show
    md5: 416C43AEB17252EE33048BD1F277D2A5 | sha1: 085DEB77551F9F6201E5AA352B62CAD91C3005E5 | sha256: F46BAA1B6227226518E42263E9B4808F81C27D060207DF160F9AC64DEAE4F4F5 | sha512: 3155DE3FB04F1DF246D6CECFA1C89F8AE9963C18BE1CE717731FF210AB39D537BE01231002A54D4346B4116E3505F387C92DFECC18A80CE7EB99C6D33E5F1F2A
  • tools\ntrights.exe.ignore
  • tools\OpenSSH-Win32.zip Show
    md5: 7D411DC4C80094AEDD39F9D10F0A41E5 | sha1: F82F6AFCCE4A2E2FE01B182AE069EA5EECAD2B22 | sha256: 3C6A80930842C224E8C0537E2D5096329E78DD9A2D87A78C95741B2784B4B3C4 | sha512: 2FC97BFD52BE8723426F57BA363BCA0482736A903A356929A44FC9D1124E9980C43735719435C17ECCE7C38AA5CD50C60FF7405804459C2AEBAEB40CA47BE1AA
  • tools\OpenSSH-Win64.zip Show
    md5: 7F4A5F3C8072321763210112A52C9035 | sha1: A710F655DBA890CA6DA675463388A22EB35D1597 | sha256: F5A6857E7B5365BCF8BBF28168BF11CC16A7EC7D58B35298CF0E7FB904BE8C0C | sha512: 2667069983C7DD51932C734A7FB9523998FA5BD1FEDF4983A610B5F9116517246668FB439BA38DF4E3BC9854F1E1D9F24C518010C0DE7B25A58E0D8C363FB55A
  • tools\VERIFICATION.txt Show
    VERIFICATION.txt is intended to assist the Chocolatey moderators and community
    in verifying that this package's contents are trustworthy.
    
    To verify:
    
    1. Download https://github.com/PowerShell/Win32-OpenSSH/releases/download/5_30_2016/OpenSSH-Win64.zip
    2. Compare OpenSSH-Win64.zip hash with bundled OpenSSH-Win64.zip hash.
    3. Download https://github.com/PowerShell/Win32-OpenSSH/releases/download/5_30_2016/OpenSSH-Win32.zip
    4. Compare OpenSSH-Win64.zip hash with bundled OpenSSH-Win32.zip hash.
    

Virus Scan Results

In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software, only that a package retrieves software from the official distribution point and/or validate embedded software against official distribution point (where distribution rights allow redistribution).

Chocolatey Pro provides runtime protection from possible malware.

Dependencies

This package has no dependencies.

Package Maintainer(s)

Software Author(s)

  • Microsoft

Copyright

Microsoft

Tags

Release Notes

Product release notes: https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v0.0.4.0

Package Release Notes:
0.0.4.0 - none

0.0.3.0
- NEW: If ssh-lsa.dll is locked at install time, package schedules it to be updated at reboot
displays a "CRITICAL" message noting that a reboot is needed.

0.0.2.20161026
- FIX: "Get-FileHash" is only used if it is available

0.0.2.0
- NEW: /SSHAgentFeature - enables SSH agent for use with client tools when /SSHServerFeature is not used.
- NEW: Sample Dockerfile included for Server Core 2016 or Nano.
- FIX: Uninstall improved.
- NEW: InstallChocoandwin32-openssh.ps1 and InstallChocoandwin32-opensshwithserver.ps1 both refresh
the environment after installing OpenSSH so it can be used in the same console it was installed in.
- FIX: ssh-add is only run after ssh-agent is started.
- FIX: sshd and ssh-agent are always started (if installed), however, a warning to reboot is still generated
if key based authentication is being used.

0.0.0.9
- NEW: Chocolatey package id is now "openssh"
- NEW: Set listenting port with parameter /SSHServerPort
- NEW: Enhanced detection of possible port conflicts with requested listening port
Specifically calls out Developer Mode SSH (Windows 10 Developer Mode)
- NEW: more complete readme: https://github.com/DarwinJS/ChocoPackages/blob/master/openssh/readme.md
- NEW: install on Nano and ServerCore w/out WOW64 (Chocolatey not needed) like this (PSH 5 required):
1) Open a command line on the target (remoting for Nano) and run:
2) Install-Packagerovider NuGet -forcebootstrap -force
3) Register-PackageSource -name chocolatey -provider nuget -location http://chocolatey.org/api/v2/ -trusted
4) Install-Package openssh -provider NuGet
5) cd "$((dir "$env:ProgramFiles\nuget\packages\OpenSSH*\tools" |select -last 1).fullname)"
6) .".\barebonesinstaller.ps1" -SSHServerFeature
- FIX: to prevent repeatedly adding "ssh-lsa" when already present (on forced installs, etc.)
- FIX: to uninstall to prevent leaving lsa-ssh authentication provider entries on system
- NEW: ource files are now internal (makes for easier curation and easier for above barebonesinstaller.ps1)
- FIX: crashing uninstall script
- FIX: properly add SSH folder to path on Nano

2016.05.30.20160827 (package ID: Win32-OpenSSH)
- Switch "/KeyBasedAuthenticationFeature" is retired - key based authentication always configured when using "/SSHServerFeature"
- With switch /UseNTRights Package uses ntrights.exe on 32-bit windows and on 64-bit windows - ONLY IF THE 32-bit SUBSYSTEM IS INSTALLED - otherwise it attempts to use Posh Code to grant SeAssignPrimaryTokenPrivilege.
Code used for setting rights WITHOUT /UseNTRights was tested as working on Nano, which means it should work on server core without WOW64.

Package explicity sets log level to QUIET because on some systems the current version of sshd repeatedly logs the same line at a rate of about 1 GB / 2 hours with default log settings.
Package incorporates securing of the server keys using the SSH agent as per the product release notes below.

Version History

Version Downloads Last updated Status
Win32 OpenSSH (Universal Installer) 7.9.0.1 545502 Sunday, January 13, 2019 approved
Win32 OpenSSH (Universal Installer) 7.7.2.1 740770 Sunday, July 29, 2018 approved
Win32 OpenSSH (Universal Installer) 7.7.1.1 235413 Tuesday, June 5, 2018 approved
Win32 OpenSSH (Universal Installer) 7.7.0.1 17232 Friday, June 1, 2018 approved
Win32 OpenSSH (Universal Installer) 7.6.1.1 167971 Sunday, April 15, 2018 approved
Win32 OpenSSH (Universal Installer) 7.6.0.1 214858 Friday, March 2, 2018 approved
Win32 OpenSSH (Universal Installer) 1.0.0.20180202 186768 Saturday, February 3, 2018 approved
Show More

Discussion for the Win32 OpenSSH (Microsoft Port) Package

Ground rules:

  • This discussion is only about Win32 OpenSSH (Microsoft Port) and the Win32 OpenSSH (Microsoft Port) package. If you have feedback for Chocolatey, please contact the google group.
  • This discussion will carry over multiple versions. If you have a comment about a particular version, please note that in your comments.
  • The maintainers of this Chocolatey Package will be notified about new comments that are posted to this Disqus thread, however, it is NOT a guarantee that you will get a response. If you do not hear back from the maintainers after posting a message below, please follow up by using the link on the left side of this page or follow this link to contact maintainers. If you still hear nothing back, please follow the package triage process.
  • Tell us what you love about the package or Win32 OpenSSH (Microsoft Port), or tell us what needs improvement.
  • Share your experiences with the package, or extra configuration or gotchas that you've found.
  • If you use a url, the comment will be flagged for moderation until you've been whitelisted. Disqus moderated comments are approved on a weekly schedule if not sooner. It could take between 1-5 days for your comment to show up.

comments powered by Disqus
Chocolatey.org uses cookies to enhance the user experience of the site.
Ok